Installing TinyDNS

Please note: There is no available port for TinyDNS so we are pretty much forced to use the source for this. I humbly apologize! For more information please take a look at http://www.djbdnsrocks.net/

There are a few reasons why you would want TinyDNS installed. The first is that if you are behind a router/firewall, you should always have a DNS server supporting your local LAN. Why do this when I have my ISP? Well, here's the reason why:

If you set up the nameserver on your Linux box to be your ISP's DNS server, name resolution is going to be slower than with an internal DNS server, depending on your connection speed. Not only that, but you cannot specify your own local names/IPs. It is very common for network administrators to blindly use their ISP's DNS server without knowing that an internal DNS server will not only be faster but can also act as their primary DNS server.

Let's say, for instance, that all the computers behind your router/firewall are in 192.168.9.x subnets and all your machines are using the ISP's DNS. If you get disconnected from your ISP, POOF! All network connectivity is gone. Let's hope you're not using anything like accounting programs or whatnot. I am not saying this is the way all people do it, but if you are a first or even second network admin, chances are (unless it was set up properly beforehand) this is the way it is set up now.

Now, in a managed DNS environment, your router has your DNS information and ALL the DNS requests from your clients are sent to the IP of your Linux box. If you get disconnected from the net, all your internal DNS is still working. All your apps will still be working. As long as you're behind your router/firewall, everything should be working fine.

Let me walk you through the two major parts of djbdns. The first is tinydns, which is the name server portion. Caching servers like dnscache send queries to tinydns regarding the domains it is authoritative for. Dnscache holds those answers so that if you ask for goodcleanemail.com and then I do, the program only makes one trip to antagonism's tinydns server. Dnscache reduces the number of external queries a network makes. Makes sense, right?

1) A working FreeBSD box.
2) At least 2 unused IP addresses. 1 is usually fine.
3) Daemontools - This was installed if you did my qmail install. If not, please install that step!
4) UCSPI-TCP - This was also installed if you did my qmail install. If not, please install that step too!
5) You will want ports 22 (SSH) and 53 (DNS) open. If you don't want anyone outside of your network using your DNS server (personally, I don't pass this port either), don't forward port 53.

That is about it. When all those requirements have been met, you can continue.

Next, let's run the script that will add the tinydns users/groups to this system:

# ~root/djbdnsrocks/scripts/add_users_freebsd.script

Configuring TinyDNS

For purposes of this HOWTO, example.local is the top-level domain and host.example.local is a host on the domain. You can add as many top-level domains as you like. Just make sure all the top-level domains have a 127.0.0.1 IP address. The local network is 192.168.1.0/24 with host.example.local being the nameserver at 192.168.1.1. To configure tinydns, run the following commands. Replace example.local and host.example.local with your chosen domain names:

# /usr/local/bin/tinydns-conf tinydns dnslog /etc/tinydns 127.0.0.1

Starting TinyDNS

Now start the service with the following command:

# ln -s /etc/tinydns /service

You can verify it is running by typing:

# svstat /service/tinydns

If the uptime it reports keeps counting up past 2 seconds, you should be fine. If not, something isn't working right, so check the log and see what it says:

# vi /service/tinydns/log/main/current
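
The check above can be scripted. The following is an added example, not part of the original HOWTO: it compares two svstat samples taken a few seconds apart and reports whether the service is staying up or being restarted over and over. The function names are made up for illustration and the sample lines are constructed to follow svstat's usual output format.

```shell
#!/bin/sh
# Added example: decide from two svstat samples whether a supervised
# service is staying up. Function names are illustrative, not djbdns tools.

# Reduce one svstat line to "state pid seconds", e.g. "up 4321 6".
# Prints nothing for lines it does not recognise.
parse_svstat() {
    printf '%s\n' "$1" | sed -n \
        -e 's/^.*: up (pid \([0-9][0-9]*\)) \([0-9][0-9]*\) seconds.*$/up \1 \2/p' \
        -e 's/^.*: down \([0-9][0-9]*\) seconds.*$/down - \1/p'
}

# Compare an earlier and a later sample of the same service.
#   stable   - up in both samples, same pid, uptime past 2 seconds
#   unstable - anything else while up: pid changed, just came up,
#              or uptime still at 2 seconds or less
#   down     - supervise is running but the service is not
#   unknown  - svstat printed something else (e.g. "supervise not running")
classify_samples() {
    a=$(parse_svstat "$1")
    b=$(parse_svstat "$2")
    if [ -z "$a" ] || [ -z "$b" ]; then
        echo unknown
        return 0
    fi
    set -- $a $b    # $1-$3: earlier sample, $4-$6: later sample
    if [ "$4" = down ]; then
        echo down
    elif [ "$1" = up ] && [ "$2" = "$5" ] && [ "$6" -gt 2 ]; then
        echo stable
    else
        echo unstable
    fi
}

# Constructed sample lines (not captured from a real host).
SAMPLE_1='/service/tinydns: up (pid 4321) 1 seconds'
SAMPLE_2='/service/tinydns: up (pid 4321) 6 seconds'
classify_samples "$SAMPLE_1" "$SAMPLE_2"    # prints: stable

# On the server itself, take the two samples a few seconds apart:
#   s1=$(svstat /service/tinydns); sleep 5; s2=$(svstat /service/tinydns)
#   classify_samples "$s1" "$s2"
```

A result of unstable or down is the cue to read /service/tinydns/log/main/current as described above.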

Now let's add your first box to TinyDNS. Let's add the FreeBSD server first.